Tom Hoffman wrote:
We've had a difficult time figuring out how to even diagram all the
permissions in SchoolTool. I finally feel like I've got a reasonable
start on it. See the attached .pdf. Before I spend hours on each
individual action, I'd like some feedback on if this seems like a
reasonable approach.
A few notes:
* green means the action is allowed
* red means it is not
* yellow means it should be site configurable
* grey means the action is impossible in this context
I'm not sure I understand the table; I think I have some trouble reading it.
Evidently students and parents are allowed to do 'edit person info', but
teachers and staff members are only configurably allowed to do this.
What does that mean? How are they allowed to edit person info while not
being allowed to view it?
(is the 'edit personal info' column just wrong or something?)
Could you give a few examples of rules that follow from this table?
The somewhat implicit notion of relationship and self worries me somewhat.
For some permissions it makes sense; presumably self-adults can change
their own passwords (I'd be wary of using the word 'adult' by the way -
adult students exist. self-staff and self-parent might work better, and
allows for some differentiation which may be necessary). Site managers
can however manipulate anyone's password.
But for 'view students names', I can't figure out the meaning of
'self-student'. Why is self-student allowed to 'view students' name'?
Shouldn't that be greyed out?
Some permissions are about individuals (personal data, like a password),
and some permissions are global (ability to see the list of students,
ability to add a student).
According to the table, someone with the pupil relationship (could that
be named perhaps something like "classmate", or even "sectionmate"?)
cannot see personal information, but someone with the instructor
relationship can. But then pupils are allowed to edit each other's
personal information?
And self-adults are allowed to add/delete people? Does it make sense for
the self-relationship to do anything of the sort?
Perhaps we're being a bit early with this table, as I encapsulated rules
in prose before and now I have a lot of trouble understanding the table.
Regards,
Martijn
_______________________________________________
Schooltool mailing list
[email protected]
http://lists.schooltool.org/mailman/listinfo/schooltool
